From 58cd2ba993a474137be1494f5ebdc0f1f76e704e Mon Sep 17 00:00:00 2001
From: Andrew Ferrazzutti <andrewf@element.io>
Date: Thu, 3 Jul 2025 13:22:17 -0400
Subject: [PATCH] Add "erase" option to REST deactivate request body

This allows using the endpoint to deactivate a user without deleting it.

TODO: make the request body optional.
---
 .../handlers/src/admin/v1/users/deactivate.rs | 13 ++++++++++-
 docs/api/spec.json                            | 23 +++++++++++++++++++
 2 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/crates/handlers/src/admin/v1/users/deactivate.rs b/crates/handlers/src/admin/v1/users/deactivate.rs
index 55194a613..7b9ea2e4e 100644
--- a/crates/handlers/src/admin/v1/users/deactivate.rs
+++ b/crates/handlers/src/admin/v1/users/deactivate.rs
@@ -8,6 +8,8 @@ use aide::{NoApi, OperationIo, transform::TransformOperation};
 use axum::{Json, response::IntoResponse};
 use hyper::StatusCode;
 use mas_axum_utils::record_error;
+use schemars::JsonSchema;
+use serde::Deserialize;
 use mas_storage::{
     BoxRng,
     queue::{DeactivateUserJob, QueueJobRepositoryExt as _},
@@ -49,6 +51,14 @@ impl IntoResponse for RouteError {
     }
 }
 
+/// # JSON payload for the `POST /api/admin/v1/users/:id/deactivate` endpoint
+#[derive(Deserialize, JsonSchema)]
+#[serde(rename = "DeactivateUserRequest")]
+pub struct Request {
+    /// Whether the user should be GDPR-erased from the homeserver.
+    erase: bool,
+}
+
 pub fn doc(operation: TransformOperation) -> TransformOperation {
     operation
         .id("deactivateUser")
@@ -76,6 +86,7 @@ pub async fn handler(
     }: CallContext,
     NoApi(mut rng): NoApi<BoxRng>,
     id: UlidPathParam,
+    Json(params): Json<Request>,
 ) -> Result<Json<SingleResponse<User>>, RouteError> {
     let id = *id;
     let mut user = repo
@@ -90,7 +101,7 @@ pub async fn handler(
 
     info!(%user.id, "Scheduling deactivation of user");
     repo.queue_job()
-        .schedule_job(&mut rng, &clock, DeactivateUserJob::new(&user, true))
+        .schedule_job(&mut rng, &clock, DeactivateUserJob::new(&user, params.erase))
         .await?;
 
     repo.save().await?;
diff --git a/docs/api/spec.json b/docs/api/spec.json
index 0082ea37c..c0e2ee510 100644
--- a/docs/api/spec.json
+++ b/docs/api/spec.json
@@ -1359,6 +1359,16 @@
             "style": "simple"
           }
         ],
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/DeactivateUserRequest"
+              }
+            }
+          },
+          "required": true
+        },
         "responses": {
           "200": {
             "description": "User was deactivated",
@@ -3872,6 +3882,19 @@
           }
         }
       },
+      "DeactivateUserRequest": {
+        "title": "JSON payload for the `POST /api/admin/v1/users/:id/deactivate` endpoint",
+        "type": "object",
+        "required": [
+          "erase"
+        ],
+        "properties": {
+          "erase": {
+            "description": "Whether the user should be GDPR-erased from the homeserver.",
+            "type": "boolean"
+          }
+        }
+      },
       "UserEmailFilter": {
         "type": "object",
         "properties": {